Privacy Return on Investment: More Reasons to Invest than Just to Comply with the Regulations

Cisco has updated its annual Data Privacy Benchmark Study and indications are pointing towards the enormous benefits of privacy investments.

The data is based on the response of 2,800 security professionals in 13 countries across the major industries and varied company size.  The study focused on information regarding a couple of keys areas and how they correspond with the company score on the Centre for Information Policy Leadership (CIPL) Accountability Wheel.

Large businesses spend an average of $1.9 million a year on privacy and smaller businesses averaged out at $800,000. More than 70% of these respondents reported “significant” or “very significant” return on investment, including:

• 67% reduction of sale delay

• 71% mitigating losses from data breaches

• 73% making company more attractive for investment

• 71% enabling agility and motivation from having appropriate data controls

• 72% achieving operational efficiency from data controls

• 74% building loyalty and trust with customers

The CIPL, a global privacy and security think tank, created the Accountability Wheel with the help of regulators and business leaders to assist companies in assessing and implementing privacy and data protection requirements.  The “wheel” accounts for the following privacy-related factors: leadership and oversight; risk assessment; policies and procedures; transparency; training and awareness; monitoring and verification; and response and enforcement.

Respondents of the survey were asked to rate these factors on a scale of 1 to 5, with 5 being the highest rating.  Twenty five percent of respondents reported a score of 3 or less, 41% scored 3 to 4, and 33% scored over a 4. The companies with a higher accountability score achieved a greater corresponding return on investment and privacy-related benefits, as well as fewer breaches and shorter sales delays.

The survey found that the world-wide average estimated return for every dollar spent by a company on privacy is $2.70, with nearly half of the companies seeing greater than twofold return, and a third of the companies breaking even. Only less than 8% of companies in the survey received less than a dollar back for every dollar invested in privacy.   Companies in the United States see an average return close to the world-wide average: $2.6 for every invested dollar.

The larger the company, the more on average they invested in privacy, and ultimately saw larger returns. Companies that scored higher on the Accountability Wheel achieved a  greater average returns in benefit: 3.1 times more for high accountability companies, 2.7 for mid-range companies, and 2.3 times the return for low scorers.

Companies that scored higher on the Accountability Wheel saw fewer to zero data breaches and less recovery time from the breaches. Companies that scored 4 or higher were twice as likely to avoid any breach. Having an established data protection system in placed also helped mitigate the time, impact, and cost of recovery.

Over the last three years that this study has been conducted, there has been a marked increase in respondents (70% compared to last year’s 40%) recognizing the multitude of benefits derived from privacy and data security investments.

In other survey findings, most companies feel the same about their GDPR readiness as they did in the previous year, and perhaps this is because they perceive the GDPR compliance as an ongoing work that requires constant maintenance and evolution.

Overall, the survey shows that investing in privacy is more than compliance with the new regulations.  Rather, companies that invest in privacy are being business-smart and will likely see a positive return on their investment.

Ask Clarip today how we can solve your biggest compliance pain points, Call Clarip at 1-888-252-5653